@verbeth/sdk 0.1.4

package/dist/src/payload.js

@@ -0,0 +1,216 @@
+export function parseHandshakePayload(plaintextPayload) {
+    try {
+        const parsed = JSON.parse(plaintextPayload);
+        if (typeof parsed === 'object' && parsed.plaintextPayload && parsed.identityProof) {
+            return parsed;
+        }
+    }
+    catch (e) {
+    }
+    throw new Error("Invalid handshake payload: missing identityProof");
+}
+export function serializeHandshakeContent(content) {
+    return JSON.stringify(content);
+}
+export function encodePayload(ephemeralPubKey, nonce, ciphertext, sig) {
+    const payload = {
+        v: 1,
+        epk: Buffer.from(ephemeralPubKey).toString('base64'),
+        n: Buffer.from(nonce).toString('base64'),
+        ct: Buffer.from(ciphertext).toString('base64'),
+        ...(sig && { sig: Buffer.from(sig).toString('base64') })
+    };
+    return JSON.stringify(payload);
+}
+export function decodePayload(json) {
+    let actualJson = json;
+    if (typeof json === 'string' && json.startsWith('0x')) {
+        try {
+            const bytes = new Uint8Array(Buffer.from(json.slice(2), 'hex'));
+            actualJson = new TextDecoder().decode(bytes);
+        }
+        catch (err) {
+            throw new Error(`Hex decode error: ${err instanceof Error ? err.message : String(err)}`);
+        }
+    }
+    try {
+        const { epk, n, ct, sig } = JSON.parse(actualJson);
+        return {
+            epk: Buffer.from(epk, 'base64'),
+            nonce: Buffer.from(n, 'base64'),
+            ciphertext: Buffer.from(ct, 'base64'),
+            ...(sig && { sig: Buffer.from(sig, 'base64') })
+        };
+    }
+    catch (parseError) {
+        throw new Error(`JSON parse error: ${parseError instanceof Error ? parseError.message : String(parseError)}`);
+    }
+}
+// Unified function for encoding any structured content as Uint8Array
+export function encodeStructuredContent(content) {
+    const serialized = JSON.stringify(content, (key, value) => {
+        if (value instanceof Uint8Array) {
+            return Buffer.from(value).toString('base64');
+        }
+        return value;
+    });
+    return new TextEncoder().encode(serialized);
+}
+// Unified function for decoding structured content
+export function decodeStructuredContent(encoded, converter) {
+    const decoded = JSON.parse(new TextDecoder().decode(encoded));
+    return converter(decoded);
+}
+// ========== UNIFIED KEYS MANAGEMENT ==========
+/**
+ * Encodes X25519 + Ed25519 keys into a single 65-byte array with versioning
+ */
+export function encodeUnifiedPubKeys(identityPubKey, // X25519 - 32 bytes
+signingPubKey // Ed25519 - 32 bytes  
+) {
+    const version = new Uint8Array([0x01]); // v1
+    return new Uint8Array([
+        ...version,
+        ...identityPubKey,
+        ...signingPubKey
+    ]); // 65 bytes total
+}
+/**
+ * Decodes unified pubKeys back to individual X25519 and Ed25519 keys
+ */
+export function decodeUnifiedPubKeys(pubKeys) {
+    if (pubKeys.length === 64) {
+        // Legacy
+        return {
+            version: 0,
+            identityPubKey: pubKeys.slice(0, 32),
+            signingPubKey: pubKeys.slice(32, 64)
+        };
+    }
+    if (pubKeys.length === 65 && pubKeys[0] === 0x01) {
+        // V1: with versioning
+        return {
+            version: 1,
+            identityPubKey: pubKeys.slice(1, 33),
+            signingPubKey: pubKeys.slice(33, 65)
+        };
+    }
+    return null;
+}
+export function encodeHandshakePayload(payload) {
+    return new TextEncoder().encode(JSON.stringify({
+        unifiedPubKeys: Buffer.from(payload.unifiedPubKeys).toString('base64'),
+        ephemeralPubKey: Buffer.from(payload.ephemeralPubKey).toString('base64'),
+        plaintextPayload: payload.plaintextPayload
+    }));
+}
+export function decodeHandshakePayload(encoded) {
+    const json = new TextDecoder().decode(encoded);
+    const parsed = JSON.parse(json);
+    return {
+        unifiedPubKeys: Uint8Array.from(Buffer.from(parsed.unifiedPubKeys, 'base64')),
+        ephemeralPubKey: Uint8Array.from(Buffer.from(parsed.ephemeralPubKey, 'base64')),
+        plaintextPayload: parsed.plaintextPayload
+    };
+}
+export function encodeHandshakeResponseContent(content) {
+    return new TextEncoder().encode(JSON.stringify({
+        unifiedPubKeys: Buffer.from(content.unifiedPubKeys).toString('base64'),
+        ephemeralPubKey: Buffer.from(content.ephemeralPubKey).toString('base64'),
+        note: content.note,
+        identityProof: content.identityProof,
+        topicInfo: content.topicInfo ? {
+            out: content.topicInfo.out,
+            in: content.topicInfo.in,
+            chk: content.topicInfo.chk
+        } : undefined
+    }));
+}
+export function decodeHandshakeResponseContent(encoded) {
+    const json = new TextDecoder().decode(encoded);
+    const obj = JSON.parse(json);
+    if (!obj.identityProof) {
+        throw new Error("Invalid handshake response: missing identityProof");
+    }
+    return {
+        unifiedPubKeys: Uint8Array.from(Buffer.from(obj.unifiedPubKeys, 'base64')),
+        ephemeralPubKey: Uint8Array.from(Buffer.from(obj.ephemeralPubKey, 'base64')),
+        note: obj.note,
+        identityProof: obj.identityProof,
+        topicInfo: obj.topicInfo ? {
+            out: obj.topicInfo.out,
+            in: obj.topicInfo.in,
+            chk: obj.topicInfo.chk
+        } : undefined
+    };
+}
+/**
+ * Creates HandshakePayload from separate identity keys
+ */
+export function createHandshakePayload(identityPubKey, signingPubKey, ephemeralPubKey, plaintextPayload) {
+    return {
+        unifiedPubKeys: encodeUnifiedPubKeys(identityPubKey, signingPubKey),
+        ephemeralPubKey,
+        plaintextPayload
+    };
+}
+/**
+ * Creates HandshakeResponseContent from separate identity keys
+ */
+export function createHandshakeResponseContent(identityPubKey, signingPubKey, ephemeralPubKey, note, identityProof, topicInfo) {
+    if (!identityProof) {
+        throw new Error("Identity proof is now mandatory for handshake responses");
+    }
+    return {
+        unifiedPubKeys: encodeUnifiedPubKeys(identityPubKey, signingPubKey),
+        ephemeralPubKey,
+        note,
+        identityProof,
+        topicInfo
+    };
+}
+/**
+ * Extracts individual keys from HandshakePayload
+ */
+export function extractKeysFromHandshakePayload(payload) {
+    const decoded = decodeUnifiedPubKeys(payload.unifiedPubKeys);
+    if (!decoded)
+        return null;
+    return {
+        identityPubKey: decoded.identityPubKey,
+        signingPubKey: decoded.signingPubKey,
+        ephemeralPubKey: payload.ephemeralPubKey
+    };
+}
+/**
+ * Extracts individual keys from HandshakeResponseContent
+ */
+export function extractKeysFromHandshakeResponse(content) {
+    const decoded = decodeUnifiedPubKeys(content.unifiedPubKeys);
+    if (!decoded)
+        return null;
+    return {
+        identityPubKey: decoded.identityPubKey,
+        signingPubKey: decoded.signingPubKey,
+        ephemeralPubKey: content.ephemeralPubKey
+    };
+}
+/**
+ * Parses unified pubKeys from HandshakeLog event
+ */
+export function parseHandshakeKeys(event) {
+    try {
+        const pubKeysBytes = new Uint8Array(Buffer.from(event.pubKeys.slice(2), 'hex'));
+        const decoded = decodeUnifiedPubKeys(pubKeysBytes);
+        if (!decoded)
+            return null;
+        return {
+            identityPubKey: decoded.identityPubKey,
+            signingPubKey: decoded.signingPubKey
+        };
+    }
+    catch (error) {
+        console.error('Failed to parse handshake keys:', error);
+        return null;
+    }
+}

package/dist/src/send.d.ts

@@ -0,0 +1,50 @@
+import { Signer } from "ethers";
+import nacl from 'tweetnacl';
+import { IdentityKeyPair, IdentityProof } from './types.js';
+import { IExecutor } from './executor.js';
+/**
+ * Sends an encrypted message assuming recipient's keys were already obtained via handshake.
+ * Executor-agnostic: works with EOA, UserOp, and Direct EntryPoint (for tests)
+ */
+export declare function sendEncryptedMessage({ executor, topic, message, recipientPubKey, senderAddress, senderSignKeyPair, timestamp }: {
+    executor: IExecutor;
+    topic: string;
+    message: string;
+    recipientPubKey: Uint8Array;
+    senderAddress: string;
+    senderSignKeyPair: nacl.SignKeyPair;
+    timestamp: number;
+}): Promise<any>;
+/**
+ * Initiates an on-chain handshake with unified keys and mandatory identity proof.
+ * Executor-agnostic: works with EOA, UserOp, and Direct EntryPoint (for tests)
+ */
+export declare function initiateHandshake({ executor, recipientAddress, identityKeyPair, ephemeralPubKey, plaintextPayload, identityProof, signer }: {
+    executor: IExecutor;
+    recipientAddress: string;
+    identityKeyPair: IdentityKeyPair;
+    ephemeralPubKey: Uint8Array;
+    plaintextPayload: string;
+    identityProof: IdentityProof;
+    signer: Signer;
+}): Promise<any>;
+/**
+ * Responds to a handshake with unified keys and mandatory identity proof.
+ * Executor-agnostic: works with EOA, UserOp, and Direct EntryPoint (for tests)
+ */
+export declare function respondToHandshake({ executor, initiatorPubKey, // X25519 key from initiator (ephemeral)
+responderIdentityKeyPair, responderEphemeralKeyPair, note, identityProof, signer, initiatorIdentityPubKey, }: {
+    executor: IExecutor;
+    initiatorPubKey: Uint8Array;
+    responderIdentityKeyPair: IdentityKeyPair;
+    responderEphemeralKeyPair?: nacl.BoxKeyPair;
+    note?: string;
+    identityProof: IdentityProof;
+    signer: Signer;
+    initiatorIdentityPubKey?: Uint8Array;
+}): Promise<{
+    tx: any;
+    salt: Uint8Array<ArrayBufferLike>;
+    tag: `0x${string}`;
+}>;
+//# sourceMappingURL=send.d.ts.map

package/dist/src/send.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"send.d.ts","sourceRoot":"","sources":["../../src/send.ts"],"names":[],"mappings":"AAEA,OAAO,EAIL,MAAM,EAEP,MAAM,QAAQ,CAAC;AAChB,OAAO,IAAI,MAAM,WAAW,CAAC;AAU7B,OAAO,EAAE,eAAe,EAAE,aAAa,EAAiB,MAAM,YAAY,CAAC;AAC3E,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAK1C;;;GAGG;AACH,wBAAsB,oBAAoB,CAAC,EACzC,QAAQ,EACR,KAAK,EACL,OAAO,EACP,eAAe,EACf,aAAa,EACb,iBAAiB,EACjB,SAAS,EACV,EAAE;IACD,QAAQ,EAAE,SAAS,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,EAAE,UAAU,CAAC;IAC5B,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,IAAI,CAAC,WAAW,CAAC;IACpC,SAAS,EAAE,MAAM,CAAC;CACnB,gBAmBA;AAED;;;GAGG;AACH,wBAAsB,iBAAiB,CAAC,EACtC,QAAQ,EACR,gBAAgB,EAChB,eAAe,EACf,eAAe,EACf,gBAAgB,EAChB,aAAa,EACb,MAAM,EACP,EAAE;IACD,QAAQ,EAAE,SAAS,CAAC;IACpB,gBAAgB,EAAE,MAAM,CAAC;IACzB,eAAe,EAAE,eAAe,CAAC;IACjC,eAAe,EAAE,UAAU,CAAC;IAC5B,gBAAgB,EAAE,MAAM,CAAC;IACzB,aAAa,EAAE,aAAa,CAAC;IAC7B,MAAM,EAAE,MAAM,CAAC;CAChB,gBA4BA;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,EACvC,QAAQ,EACR,eAAe,EAAE,wCAAwC;AACzD,wBAAwB,EACxB,yBAAyB,EACzB,IAAI,EACJ,aAAa,EACb,MAAM,EACN,uBAAuB,GACxB,EAAE;IACD,QAAQ,EAAE,SAAS,CAAC;IACpB,eAAe,EAAE,UAAU,CAAC;IAC5B,wBAAwB,EAAE,eAAe,CAAC;IAC1C,yBAAyB,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC;IAC5C,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,aAAa,CAAC;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,uBAAuB,CAAC,EAAE,UAAU,CAAC;CACtC;;;;GAuDA"}

package/dist/src/send.js

@@ -0,0 +1,75 @@
+// packages/sdk/src/send.ts
+import { keccak256, toUtf8Bytes, hexlify, getBytes } from "ethers";
+import nacl from 'tweetnacl';
+import { getNextNonce } from './utils/nonce.js';
+import { encryptMessage, encryptStructuredPayload, deriveDuplexTopics } from './crypto.js';
+import { serializeHandshakeContent, encodeUnifiedPubKeys, createHandshakeResponseContent, } from './payload.js';
+import { computeTagFromResponder } from './crypto.js';
+/**
+ * Sends an encrypted message assuming recipient's keys were already obtained via handshake.
+ * Executor-agnostic: works with EOA, UserOp, and Direct EntryPoint (for tests)
+ */
+export async function sendEncryptedMessage({ executor, topic, message, recipientPubKey, senderAddress, senderSignKeyPair, timestamp }) {
+    if (!executor) {
+        throw new Error("Executor must be provided");
+    }
+    const ephemeralKeyPair = nacl.box.keyPair();
+    const ciphertext = encryptMessage(message, recipientPubKey, // X25519 for encryption
+    ephemeralKeyPair.secretKey, ephemeralKeyPair.publicKey, senderSignKeyPair.secretKey, // Ed25519 for signing
+    senderSignKeyPair.publicKey);
+    const nonce = getNextNonce(senderAddress, topic);
+    return executor.sendMessage(toUtf8Bytes(ciphertext), topic, timestamp, nonce);
+}
+/**
+ * Initiates an on-chain handshake with unified keys and mandatory identity proof.
+ * Executor-agnostic: works with EOA, UserOp, and Direct EntryPoint (for tests)
+ */
+export async function initiateHandshake({ executor, recipientAddress, identityKeyPair, ephemeralPubKey, plaintextPayload, identityProof, signer }) {
+    if (!executor) {
+        throw new Error("Executor must be provided");
+    }
+    const recipientHash = keccak256(toUtf8Bytes('contact:' + recipientAddress.toLowerCase()));
+    const handshakeContent = {
+        plaintextPayload,
+        identityProof
+    };
+    const serializedPayload = serializeHandshakeContent(handshakeContent);
+    // Create unified pubKeys (65 bytes: version + X25519 + Ed25519)
+    const unifiedPubKeys = encodeUnifiedPubKeys(identityKeyPair.publicKey, // X25519 for encryption
+    identityKeyPair.signingPublicKey // Ed25519 for signing
+    );
+    return await executor.initiateHandshake(recipientHash, hexlify(unifiedPubKeys), hexlify(ephemeralPubKey), toUtf8Bytes(serializedPayload));
+}
+/**
+ * Responds to a handshake with unified keys and mandatory identity proof.
+ * Executor-agnostic: works with EOA, UserOp, and Direct EntryPoint (for tests)
+ */
+export async function respondToHandshake({ executor, initiatorPubKey, // X25519 key from initiator (ephemeral)
+responderIdentityKeyPair, responderEphemeralKeyPair, note, identityProof, signer, initiatorIdentityPubKey, }) {
+    if (!executor) {
+        throw new Error("Executor must be provided");
+    }
+    const ephemeralKeyPair = responderEphemeralKeyPair || nacl.box.keyPair();
+    // Generate a separate ephemeral key (R,r) just for the tag
+    const tagKeyPair = nacl.box.keyPair();
+    const inResponseTo = computeTagFromResponder(tagKeyPair.secretKey, initiatorPubKey);
+    const salt = getBytes(inResponseTo); // for topics HKDF
+    let topicInfo = undefined;
+    if (initiatorIdentityPubKey) {
+        const { topicOut, topicIn, checksum } = deriveDuplexTopics(responderIdentityKeyPair.secretKey, initiatorIdentityPubKey, salt);
+        topicInfo = { out: topicOut, in: topicIn, chk: checksum };
+    }
+    const responseContent = createHandshakeResponseContent(responderIdentityKeyPair.publicKey, // X25519
+    responderIdentityKeyPair.signingPublicKey, // Ed25519
+    ephemeralKeyPair.publicKey, note, identityProof, topicInfo);
+    // Encrypt the response for the initiator
+    const payload = encryptStructuredPayload(responseContent, initiatorPubKey, // Encrypt to initiator's X25519 (ephemeral) key
+    ephemeralKeyPair.secretKey, ephemeralKeyPair.publicKey);
+    // Execute the transaction
+    const tx = await executor.respondToHandshake(inResponseTo, hexlify(tagKeyPair.publicKey), toUtf8Bytes(payload));
+    return {
+        tx,
+        salt,
+        tag: inResponseTo
+    };
+}

package/dist/src/types.d.ts

@@ -0,0 +1,73 @@
+export interface LogMessage {
+    sender: string;
+    ciphertext: string;
+    timestamp: number;
+    topic: string;
+    nonce: bigint;
+}
+export interface HandshakeLog {
+    recipientHash: string;
+    sender: string;
+    pubKeys: string;
+    ephemeralPubKey: string;
+    plaintextPayload: string;
+}
+export interface HandshakeResponseLog {
+    inResponseTo: string;
+    responder: string;
+    responderEphemeralR: string;
+    ciphertext: string;
+}
+export interface DuplexTopics {
+    /** Initiator → Responder */
+    topicOut: `0x${string}`;
+    /** Responder → Initiator */
+    topicIn: `0x${string}`;
+}
+/** Formato compatto per invio via HSR cifrata */
+export interface TopicInfoWire {
+    out: `0x${string}`;
+    in: `0x${string}`;
+    /** checksum corto per conferma (8 byte, hex) */
+    chk: `0x${string}`;
+}
+export interface IdentityKeyPair {
+    publicKey: Uint8Array;
+    secretKey: Uint8Array;
+    signingPublicKey: Uint8Array;
+    signingSecretKey: Uint8Array;
+}
+export interface IdentityProof {
+    message: string;
+    signature: string;
+    messageRawHex?: `0x${string}`;
+}
+export type PackedUserOperation = typeof DEFAULT_AA_VERSION extends "v0.6" ? UserOpV06 : UserOpV07;
+export interface BaseUserOp {
+    sender: string;
+    nonce: bigint;
+    initCode: string;
+    callData: string;
+    preVerificationGas: bigint;
+    paymasterAndData: string;
+    signature: string;
+}
+export interface UserOpV06 extends BaseUserOp {
+    callGasLimit: bigint;
+    verificationGasLimit: bigint;
+    maxFeePerGas: bigint;
+    maxPriorityFeePerGas: bigint;
+}
+export interface UserOpV07 extends BaseUserOp {
+    /**
+     * = (verificationGasLimit << 128) \| callGasLimit
+     */
+    accountGasLimits: bigint;
+    /**
+     * = (maxFeePerGas << 128) \| maxPriorityFeePerGas
+     */
+    gasFees: bigint;
+}
+export type AASpecVersion = "v0.6" | "v0.7";
+export declare const DEFAULT_AA_VERSION: AASpecVersion;
+//# sourceMappingURL=types.d.ts.map

package/dist/src/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,YAAY;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,EAAE,MAAM,CAAC;IACxB,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,oBAAoB;IACnC,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,UAAU,EAAE,MAAM,CAAC;CACpB;AAGD,MAAM,WAAW,YAAY;IAC3B,4BAA4B;IAC5B,QAAQ,EAAE,KAAK,MAAM,EAAE,CAAC;IACxB,4BAA4B;IAC5B,OAAO,EAAE,KAAK,MAAM,EAAE,CAAC;CACxB;AAED,iDAAiD;AACjD,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,KAAK,MAAM,EAAE,CAAC;IACnB,EAAE,EAAE,KAAK,MAAM,EAAE,CAAC;IAClB,gDAAgD;IAChD,GAAG,EAAE,KAAK,MAAM,EAAE,CAAC;CACpB;AAGD,MAAM,WAAW,eAAe;IAE9B,SAAS,EAAE,UAAU,CAAC;IACtB,SAAS,EAAE,UAAU,CAAC;IAEtB,gBAAgB,EAAE,UAAU,CAAC;IAC7B,gBAAgB,EAAE,UAAU,CAAC;CAC9B;AAGD,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;CAC/B;AAED,MAAM,MAAM,mBAAmB,GAAG,OAAO,kBAAkB,SAAS,MAAM,GACtE,SAAS,GACT,SAAS,CAAC;AAEd,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,gBAAgB,EAAE,MAAM,CAAC;IACzB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,SAAU,SAAQ,UAAU;IAC3C,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB,EAAE,MAAM,CAAC;CAC9B;AAED,MAAM,WAAW,SAAU,SAAQ,UAAU;IAC3C;;OAEG;IACH,gBAAgB,EAAE,MAAM,CAAC;IACzB;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,MAAM,aAAa,GAAG,MAAM,GAAG,MAAM,CAAC;AAC5C,eAAO,MAAM,kBAAkB,EAAE,aAAsB,CAAC"}

package/dist/src/types.js

@@ -0,0 +1,2 @@
+// packages/sdk/src/types.ts
+export const DEFAULT_AA_VERSION = "v0.7";

package/dist/src/utils/nonce.d.ts

@@ -0,0 +1,2 @@
+export declare function getNextNonce(sender: string, topic: string): bigint;
+//# sourceMappingURL=nonce.d.ts.map

package/dist/src/utils/nonce.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nonce.d.ts","sourceRoot":"","sources":["../../../src/utils/nonce.ts"],"names":[],"mappings":"AAEA,wBAAgB,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,CAIlE"}

package/dist/src/utils/nonce.js

@@ -0,0 +1,6 @@
+const nonceRegistry = {};
+export function getNextNonce(sender, topic) {
+    const key = `${sender}-${topic}`;
+    nonceRegistry[key] = (nonceRegistry[key] ?? 0n) + 1n;
+    return nonceRegistry[key];
+}

package/dist/src/utils/x25519.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Converts a 64-byte raw secp256k1 public key into a 32-byte x25519-compatible public key.
+ * This is done by hashing it and using the first 32 bytes.
+ */
+export declare function convertPublicKeyToX25519(secpPubKey: Uint8Array): Uint8Array;
+//# sourceMappingURL=x25519.d.ts.map

package/dist/src/utils/x25519.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"x25519.d.ts","sourceRoot":"","sources":["../../../src/utils/x25519.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,wBAAgB,wBAAwB,CAAC,UAAU,EAAE,UAAU,GAAG,UAAU,CAO3E"}

package/dist/src/utils/x25519.js

@@ -0,0 +1,12 @@
+import { sha256 } from '@noble/hashes/sha2';
+/**
+ * Converts a 64-byte raw secp256k1 public key into a 32-byte x25519-compatible public key.
+ * This is done by hashing it and using the first 32 bytes.
+ */
+export function convertPublicKeyToX25519(secpPubKey) {
+    if (secpPubKey.length !== 64) {
+        throw new Error('Expected raw 64-byte secp256k1 public key (uncompressed, no prefix)');
+    }
+    const hash = sha256(secpPubKey);
+    return Uint8Array.from(hash.slice(0, 32));
+}

package/dist/src/utils.d.ts

@@ -0,0 +1,29 @@
+import { JsonRpcProvider } from "ethers";
+import { type PublicClient } from "viem";
+import { DuplexTopics } from "./types.js";
+export declare function parseBindingMessage(message: string): {
+    header?: string;
+    address?: string;
+    pkEd25519?: `0x${string}`;
+    pkX25519?: `0x${string}`;
+    context?: string;
+    version?: string;
+    chainId?: number;
+    rpId?: string;
+};
+export type Rpcish = import("ethers").JsonRpcProvider | import("ethers").BrowserProvider | {
+    request: (args: {
+        method: string;
+        params?: any[];
+    }) => Promise<any>;
+};
+export declare function makeViemPublicClient(provider: Rpcish): Promise<PublicClient>;
+export declare const ERC6492_SUFFIX = "0x6492649264926492649264926492649264926492649264926492649264926492";
+export declare function hasERC6492Suffix(sigHex: string): boolean;
+/**
+ * Checks if an address is a smart contract that supports EIP-1271 signature verification
+ * Returns true if the address has deployed code AND implements isValidSignature function
+ */
+export declare function isSmartContract1271(address: string, provider: JsonRpcProvider): Promise<boolean>;
+export declare function pickOutboundTopic(isInitiator: boolean, t: DuplexTopics): `0x${string}`;
+//# sourceMappingURL=utils.d.ts.map

package/dist/src/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/utils.ts"],"names":[],"mappings":"AAEA,OAAO,EAEL,eAAe,EAGhB,MAAM,QAAQ,CAAC;AAGhB,OAAO,EAIL,KAAK,YAAY,EAClB,MAAM,MAAM,CAAC;AACd,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAG1C,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,GAAG;IACpD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IAC1B,QAAQ,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAyBA;AAED,MAAM,MAAM,MAAM,GACd,OAAO,QAAQ,EAAE,eAAe,GAChC,OAAO,QAAQ,EAAE,eAAe,GAChC;IAAE,OAAO,EAAE,CAAC,IAAI,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAA;KAAE,KAAK,OAAO,CAAC,GAAG,CAAC,CAAA;CAAE,CAAC;AAe5E,wBAAsB,oBAAoB,CACxC,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,YAAY,CAAC,CAmBvB;AAED,eAAO,MAAM,cAAc,uEAC2C,CAAC;AAEvE,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAIxD;AAED;;;GAGG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,eAAe,GACxB,OAAO,CAAC,OAAO,CAAC,CA+DlB;AAGD,wBAAgB,iBAAiB,CAAC,WAAW,EAAE,OAAO,EAAE,CAAC,EAAE,YAAY,GAAG,KAAK,MAAM,EAAE,CAEtF"}

package/dist/src/utils.js

@@ -0,0 +1,123 @@
+// packages/sdk/src/utils.ts
+import { Contract, getAddress, hexlify, } from "ethers";
+import { keccak256, toUtf8Bytes } from "ethers";
+import { AbiCoder } from "ethers";
+import { createPublicClient, custom, defineChain, } from "viem";
+export function parseBindingMessage(message) {
+    const lines = message.split("\n").map((l) => l.trim());
+    const out = {};
+    if (lines[0])
+        out.header = lines[0];
+    for (let i = 1; i < lines.length; i++) {
+        const line = lines[i];
+        const idx = line.indexOf(":");
+        if (idx === -1)
+            continue;
+        const key = line.slice(0, idx).trim().toLowerCase();
+        const val = line.slice(idx + 1).trim();
+        if (key === "address")
+            out.address = getAddress(val);
+        if (key === "pked25519") {
+            out.pkEd25519 = hexlify(val);
+        }
+        if (key === "pkx25519") {
+            out.pkX25519 = hexlify(val);
+        }
+        if (key === "context")
+            out.context = val;
+        if (key === "version")
+            out.version = val;
+        if (key === "chainid")
+            out.chainId = Number(val);
+        if (key === "rpid")
+            out.rpId = val;
+    }
+    return out;
+}
+function toEip1193(provider) {
+    if (provider.request)
+        return provider;
+    if (provider.send) {
+        return {
+            request: ({ method, params }) => provider.send(method, params ?? []),
+        };
+    }
+    throw new Error("Unsupported provider: cannot build EIP-1193 request");
+}
+export async function makeViemPublicClient(provider) {
+    const eip1193 = toEip1193(provider);
+    let chainId = 1;
+    try {
+        const hex = await eip1193.request({ method: "eth_chainId" });
+        chainId = Number(hex);
+    }
+    catch {
+    }
+    const chain = defineChain({
+        id: chainId,
+        name: `chain-${chainId}`,
+        nativeCurrency: { name: "Ether", symbol: "ETH", decimals: 18 },
+        rpcUrls: { default: { http: [] } },
+    });
+    return createPublicClient({ chain, transport: custom(eip1193) });
+}
+export const ERC6492_SUFFIX = "0x6492649264926492649264926492649264926492649264926492649264926492";
+export function hasERC6492Suffix(sigHex) {
+    if (!sigHex || typeof sigHex !== "string")
+        return false;
+    const s = sigHex.toLowerCase();
+    return s.endsWith(ERC6492_SUFFIX.slice(2).toLowerCase());
+}
+/**
+ * Checks if an address is a smart contract that supports EIP-1271 signature verification
+ * Returns true if the address has deployed code AND implements isValidSignature function
+ */
+export async function isSmartContract1271(address, provider) {
+    try {
+        const code = await provider.getCode(address);
+        if (code === "0x") {
+            return false;
+        }
+        const contract = new Contract(address, [
+            "function isValidSignature(bytes32, bytes) external view returns (bytes4)",
+        ], provider);
+        // ECDSA smart contracts
+        try {
+            await contract.isValidSignature.staticCall("0x0000000000000000000000000000000000000000000000000000000000000000", "0x");
+            return true;
+        }
+        catch (simpleErr) {
+            // WebAuthn format
+            try {
+                const authenticatorData = "0xdeadbeef";
+                const clientDataJSON = "0xbeefdead";
+                const rawSignature = "0x" + "11".repeat(64);
+                const abi = AbiCoder.defaultAbiCoder();
+                const webAuthnAuth = abi.encode(["bytes", "bytes", "bytes"], [authenticatorData, clientDataJSON, rawSignature]);
+                const ownerIndex = 0;
+                const signatureWrapper = abi.encode(["uint256", "bytes"], [ownerIndex, webAuthnAuth]);
+                const hash = keccak256(toUtf8Bytes("test message"));
+                const result = await contract.isValidSignature.staticCall(hash, signatureWrapper);
+                return result === "0x1626ba7e";
+            }
+            catch (webAuthnErr) {
+                // if it's a CALL_EXCEPTION without data then function exists
+                if (webAuthnErr.code === "CALL_EXCEPTION" &&
+                    (!webAuthnErr.data ||
+                        webAuthnErr.data === "0x" ||
+                        webAuthnErr.data === null)) {
+                    return true;
+                }
+                return false;
+            }
+        }
+    }
+    catch (err) {
+        console.error("Error checking if address is smart contract:", err);
+        return false;
+    }
+}
+// picks the correct outbound topic from a DuplexTopics structure
+export function pickOutboundTopic(isInitiator, t) {
+    return isInitiator ? t.topicOut : t.topicIn;
+}